Tenable.sc FAQs

Tenable.sc FAQs

Tenable.sc General Questions

What is Tenable.sc?

Tenable.sc™ consolidates and evaluates vulnerability data across the enterprise, prioritizing security risks and providing a clear view of your security posture. With Tenable.sc, get the visibility and context you need to effectively prioritize and remediate vulnerabilities, ensure compliance with IT security frameworks, standards and regulations, and take decisive action to ensure the effectiveness of your IT security program and reduce business risk.

Tenable.sc includes functionality from Nessus® as well as the following additional capabilities:

Use advanced analytics with actionable information and trending to prioritize events and alerts

What is Tenable.sc Continuous View?

Tenable.sc Continuous View is a comprehensive solution that provides continuous visibility and critical context, enabling decisive action. With advanced analytics, it gives you continued assurance that your security program is working.

Tenable.sc Continuous View includes Tenable.sc capabilities, as well as the following additional capabilities:

Obtain information on which assets are connected to the network and how they are communicating

Monitor host activities and events, including who is accessing them and what is changing

What are Assurance Report Cards (ARCs)?

ARCs are highly customizable “objectives” that CISOs can define and use to measure security assurance on a continuous basis. ARCs enable customers to express security policies in a business context, and assess them continuously for security assurance. ARCs utilize customer-defined security policies, allowing security teams to identify the gaps where policies are failing to meet business objectives.

What are Critical Cyber Controls, and how do they help me?

Critical Cyber Controls are executive focused ARCs that come pre-installed in Tenable.sc. They enable CISOs to validate the following top five security objectives which have the greatest impact to ensuring the security posture of any business.

Objective #1: Track authorized inventory of hardware and software

Objective #2: Remove vulnerabilities and misconfigurations

Objective #3: Deploy a secure network

Objective #4: Authorize user access to the systems

Objective #5: Search for malware and intruders

Each Critical Cyber Control ARC can be customized to meet your specific security goals.

Nessus Agents, available with Tenable.io and Tenable.sc, increase scan flexibility by making it easy to scan problematic assets such as those needing ongoing host credentials and assets that are offline. Agents also enable large-scale concurrent scanning with little network impact.

Why Use Nessus Agents with Tenable.sc?

Today’s extended networks and mobile devices make assessing and protecting all of your environment extremely difficult. Now it is possible to leverage Nessus Agent technology to increase scan coverage and remove blind spots. Nessus Agents were first introduced with Nessus 6.3 in February 2015, and platform coverage continues to expand.

Systems for which the security team lacks the credentials required to perform authenticated scanning.

Fragile systems that are unsafe to scan with traditional scanning.

How do Nessus Agents and Tenable.sc work together?

Nessus Agent scans, configured from within Tenable.io Vulnerability Management or Nessus Manager, identify vulnerabilities, policy-violating configurations and malware on the hosts where they are installed, report results back to Tenable.io Vulnerability Management or Nessus Manager, and then the results are imported into Tenable.sc on a scheduled basis. By scheduling the import of the agent collections, you will ensure your reports and overall security metrics now include “all” the hosts in your environment.

What is the recommended deployment model when using Nessus Agents with Tenable.sc?

Tenable recommends that you use Tenable.io Vulnerability Management to manage Nessus Agents and to transfer agent data to Tenable.sc.

Tenable recommends the Tenable.io Vulnerability Management deployment model for the following reasons:

Safely secure your mobile workforce: You may have thousands or tens of thousands of remote/mobile workers whose laptops are not online during a vulnerability scan. Nessus Agents will run the scans locally and then upload result to Tenable.io Vulnerability Management when a connection is available, without the risk associated with every agent uploading its individual results through your firewall.

Simplify management: Tenable manages Tenable.io for you. We are responsible for high availability, we backup the data and we perform the software updates. You manage your vulnerability data, not the Tenable.io platform.

Scale with ease: As your use of Nessus Agents increases, you will not need to upgrade your computing and storage infrastructure to accommodate growth.

Scan your perimeter: Many Tenable.sc customers that already perform internal scanning to satisfy PCI compliance requirements also use Tenable.io Vulnerability Management to satisfy external PCI scanning requirements that must be performed by an approved scanning vendor (ASV). If you are not already using Tenable.sc to meet both internal as well as external PCI compliance scans, this deployment model will make it easy for you to use both of these Tenable.sc capabilities.

Preserve internet bandwidth: Importing scan data in bulk from Tenable.io can be scheduled during off hours to preserve daytime bandwidth for your business users. Additionally, managing a single connection between Tenable.io and Tenable.sc reduces network overhead compared with managing thousands of connections with individual agents.

If desired, you can use Nessus Manager in place of Tenable.io Vulnerability Management to manage the agents. In this case, Tenable suggests you deploy Nessus Manager as a proxy between the agents and Tenable.sc.

For more information about Nessus Agents, see the following resources:

Global

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

Thank You

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

Thank You

Try Tenable.io Container Security

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Thank You

Thank you for your interest in the Tenable.io Container Security program. A representative will be in touch soon.

Learn More about Industrial Security

Try Tenable.io free for 60 days. Protect your organization from WannaCry, NotPetya and other ransomware cyberattacks. Get Started

The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.